Scan in document into fax machine and 
identify intended recipient. 






Request and obtain a copy of the intended 
recipient's Certificate from Ldap. 




r 


Select a session key for use in 
communication with the intended recipient. 



Encrypt the document using 
the selected session key. 



Encrypt a copy of the session key with 
the public key of the intended recipient 
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Send encrypted document, encrypted session key and intended 
recipient's Certificate to receiving fax machine (RFM). 



Figure 2a 



RFM receives the encrypted document, the encrypted key and 
the intended recipient's Certificate and stores these in memory. 



RFM requests the intended recipient to input their smart 
card containing the intended recipient's private key. 



Encrypted session key passed to smart card and 
decoded using intended recipient's private key. 
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Decoded session key returned to RFM and used 
to decrypt the encrypted fax document. 




Check validity of certificate 
or chain of certificates. 



Valid ? 
N 



Y 
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Intended recipient not validated so 
do not print out received document 



Notify person attempting to access received 
document that they are not authorised 



Intended recipient validated so 
print out document. 
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Figure 2b 



Document 



Sending Fax Machine 



Hash 
Algorithm 
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18(82) 
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Doc Certificate Digest 
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Receiving Fax Machine 



Hash 
Aigorithm 



Audit 
Log 



Store of 
documents 



Store of 
certificates 



Figure 4 



Scan in document into f 
machine 



Create Digest of Document 



1 


r 


Confirm sender's smart card , 
using PIN or a biometric 
check 




r 


Encrypt Digest using 
private key of signer 




r 


Request and obtain 
Certificate of signer 
including his public key 






Send document together 
with Certificate of signer 
and Digest 
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100 
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Figure 5 



Receive document, Digest 
and Certificate of sender. 
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Extract public key of sender 
and use to decode Digest. 
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Redigest document using 
same hash algorithm. 




The sender of the document . 
and its contents are verified \ 
and can be relied upon. 
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The sender of the document or 
its contents cannot be verified 
and cannot be relied upon. 



Print verifying mark on 
paper copy of document 
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Figure 6 



150 




Figure 7 



A sends its own Certificate a random integer 
'nonceA' and a request for C's Certificate to C. 

+ . =n 

C receives request, A's Certificate and nonceA. r^— «~. 1 64 
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C encrypts nonceA^vith its private key" |"- — .^q 



C sends encrypted nonceA together with its digital 
Certificate and a new random integer 'nonceC to A. 



A receives request, C's Certificate and nonceC. j " — ^174 




A decodes the encrypted nonceA using C's public key and 
compares this with a previously stored version of nonceA. 
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A encrypts nonceC^vith its private key. | "v> 
A sends encrypted nonceC to C. 184 




Irregularity in procedure detected so 
do not send or receive document. 



